Job Postings
Personally, I find the job listings out there a little insulting.
As the article states, asking for years of experience and calling the role "entry level" or "junior" is a little offensive.
The pay is also crap in most cases, I've seen ads demanding a CISSP cert and 10 years experience for under £30k, that's a joke.
People employing infosec people need to realise, you're not paying for the time we spend at the office, you're paying for the 10+ years it took to acquire the skills and the money saved not having to mop up a breaches, ransomware and other miscellaneous nasties you want to avoid.
It takes a long time to develop a good set of skills and keen instinct for infosec work as most of the skills come from experience.
Paying your infosec folks well will save you untold amounts of money in damages, remediation and lost revenue. Not to mention, it will increase the confidence of your potential customers.
Hiring an infosec person, chucking them in a corner and paying them well will never be a waste of money.